Cisco VPN Concentrator for Syslog
Cisco VPN Concentrator for Syslog
The Cisco VPN 3000 Series Concentrator provides an appliance-based solution for deploying VPN functionality across remote networks. VPN concentrators are often connected parallel to the firewalls. The design simplifies the management of the network but creates security concerns. After a user has been authenticated through VPN concentrators, the user has complete access to the network. This makes a strong case for logging the messages from the VPN concentrator. To configure the Cisco VPN 3000 Series Concentrator for sending sys log messages, follow these steps:
1. Log in to the VPN concentrator using a web browser.
2. Navigate to the sys log server page by choosing Configuration > System > Events > Sys log Servers
3. On the Sys log Servers page, click the Add button
4. Enter the IP address of the sys log server and select the facility level from the Facility drop-down menu. Save these settings and return to the Sys log Servers page by clicking the Add button.
5. To select the kind of messages that are to be sent to the sys log server, navigate to the General page by choosing Configuration > System > Events > General.
6. On the General page, select an option from the Severity to Sys log drop-down menu, and click the Apply button.
7. To save the configuration changes, click the Save Needed icon.
As configured in this example, the VPN concentrator is now ready to send sys log messages at facility local6, severity 1–5 to server